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figure 3A 

| C&D received by the ASIC 



SignDownHash(C)=C* 



1st option 



{ appli signed by 
SADPrivateKey) 



SignDownEnc^SADPubUcKeyCD^D* 




No 



Erase C 



Yes 


* — ,* 
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Validated Appli C 
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Store Appli in RAM using 
encryption hardware interface 
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figure 3B 



C&D received by the ASIC 



SignDownHash(C)=C* 



2nd option 



(option 2a) 



{appli signed by 
CustoxnerPrivateKcy } 



{ CustomerPubl icKey 
inlSMAJ 



Load CustomcrPublicKey 
from ISMA 



SignDownEnc 1 _CustomerPublicKey(D)=D* 




Validated Appli C 



Store Appli in RAM using 
encryption hardware interface 
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F igure 3C 



C&D received by the ASIC 



SignDownHash(C)=C' 



2nd option 



(Option 2b) 
▼ 



{appli signed by 
CastomerPrivateKey } 



fCustomerPublicKey 
in External Memory } 



CustomerPublicKey = 
SignDowrjEncl_SADPublicKey(EncCustoinerPubIicKey) 



SignDownEnc- , _CustomerPublicKey(D)=D' 




Validated Appli C 






f 




Store Appli in RAM using 
encryption hardware interface . 
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Figure 3D 



C&D&E&F received by the ASIC 



2nd option 



(c) 



{appli signed by 
CuslomerPri vateKcy ) 

{ CustomerPublicKey 
with downloaded data} 



SignDownHashCE^E* 



SignDownEnc" 3 _ 
SADPublicKey(F)=F 




Erase C 



CustomerPubIicKey=E 



Sig^DowIlEnc*LCustomerPublicKeyCD)=D , 



SignDownHash(C)=C* 




Erase C 



Validated Appli C 

T 

Store Appli in RAM using 
encryption hardware interface 
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EncDown Process 

i 



EncDovmLSADSecretKe^A^A* 
EncDown'S ADSecretKey(B)=B * 

I 




No 




> ► 


Erase A* 



Yes 


r «* 


Validated downloaded 
appli A* 



Store A' in External Memory 
using External Memory Encryption process 
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figure 5A 



ASIC received data for example from RAM 
that are now in clear and should be stored in External Memory 

+ 

ASIC selects sensitive Soft&Data to be encrypted 



(option 4) ASIC compresses data 






(option 3) ASIC generates RN 
KF=RN 





I 



Gets KF in ISMA 
. 1 ▼ 1 

EncFlash_KF(Sensitive Soft&Data) 

(Option 6) EncHash_KF(EncFIastjHash(sensitive Soft&Data)) 

(Option3) EncFlash_SADSecretKey(RN)=RNEnc 

y 

(option 5) gets ChipRandomNumber in ISMA 
EncRash_KF(ChipRandoniNumber;EncRashH^ 

3 

Store in External Memory 
• EncFIash_KF(Sensitive Soft&Data) 
• (Option 6) EncFlash_KF(EncFIashHash(sensitive Soft&Data)) 
• Other non sensitive data 
• (Option3) EncFl ash_S ADSecretKey(RN)=RNEnc 
• (option 5) EncFlash_KF(ChipRandomNumber;EncHashHash(ChipRandomNumber)) 
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figure 5B 


ASIC receives encrypted data from External Memory 




ir 






(Option3) 
ASIC gets SADSecretKey in ISMA 
EncFlash"LSADSecretKey(RNEnc)=RN=KF 





Gets KF in ISMA 

I 

(option 5) 
EncHashLKFCK-.Y^CX'fn 
EncFlashHash(X , )=Y' ' 



(Option 5) Is Y"=Y'? 
Yes 



No 



Flash Content not validated 



EncFlash'_KF(EncSoft&Data)=DecSoft&Data 



(Option 6) 
EncFlash-'_KF(EncH)=H 
EncFlashHash(DecSoft&Data)=H* 




DecSoft&Data not validated 



(option 4) ASIC decompresses data 



ASIC has Soft&Data available in clear 
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figure 6 



ASIC selects sensitive Soft&Data 
EncHash_ChipSecretKey(SensitivcSoft&Data)=I 



ASIC generates RNG 



EncFlashHash(RNG))=JC 



EncFJash_ChipSecretKey(RNG;K) 
J 



ASIC stores I & J in External Memory 
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figure 7 



At least after each reset : 



ASIC verifies Soft&Data 



EncHash'.ChipSecrctKevfJN 1 W 1 Z 






r 




EncFlashHashCW^Z* 




No 





Yes 


r 






ASIC deciphers 
sensitive Soft&Data 








r 




EncFIash-LChipSecretKey(I) 


sensitive Soft&Data in clear 



Non Validated 
External Memory 
Content 
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figure 8 





PcrsoSecretKey stored in ISMA 










ISMAInfo updaLed to 
indicate that PeisoSecretKey is available 








ISMAContentHash calculated and 
stored in ISMA 





ISMA after First level personalization 

ASIC ISMA: 





j / PcrsoSecretKey 




\ f ISMAInfo 




! / ISMAContentHash 
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